🔬 Conversion Rate Optimisation for your 🌐 WordPress & 🛒 WooCommerce: skyrocket sales with modern proven methods! The purpose of recurrent CRO services is to constantly improve the likelihood of visitors taking your desired action on your domain.
Be informed about the latest WP Cross-Site Request Forgery, identified and reported publicly. As these WP CSRF SEP 2024 vulnerabilities have a severe negative impact on any WordPress Security, consider our security audit. It is a -28% DECREASE compared to previous month, as specifically targeted Cross-Site Request Forgeries. Consider for your online safety, a managed WP/Woo Security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.
As these Cross-Site Request Forgeries cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the WP CSRF SEP 2024 & WP Cross-Site Request Forgery category:
| Advanced Form Integration | Cross-Site Request Forgery (CSRF) |
| Analytify | Cross-Site Request Forgery (CSRF) Leading to Optout |
| Backup and Restore WordPress | Cross-Site Request Forgery (CSRF) |
| Blog Introduction | Settings Update (BAC) via Cross-Site Request Forgery (CSRF) |
| BP Profile Search | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Brave Popup Builder | Cross-Site Request Forgery (CSRF) |
| Bricks Builder Theme | Cross-Site Request Forgery (CSRF) via save_settings |
| Brizy – Page Builder | Cross-Site Request Forgery (CSRF) |
| Christmasify! | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Dark Mode for WP Dashboard | Cross-Site Request Forgery (CSRF) |
| Download Plugins and Themes from Dashboard | Cross-Site Request Forgery (CSRF) |
| Email Address Encoder | Cross-Site Request Forgery (CSRF) |
| Enhanced Search Box | Settings Update (BAC) via Cross-Site Request Forgery (CSRF) |
| Favicon Generator | Cross-Site Request Forgery (CSRF) to File Deletion (BAC) |
| Favicon Generator | File Upload (BAC) via Cross-Site Request Forgery (CSRF) |
| Fonts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)vulnerability |
| Gixaw Chat | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Hummingbird | Cross-Site Request Forgery (CSRF) |
| ILC Thickbox | Settings Update (BAC) via Cross-Site Request Forgery (CSRF) |
| ImageRecycle pdf & image compression | Cross-Site Request Forgery (CSRF) in Several AJAX Actions |
| infolinks Ad Wrap | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
| Insert PHP Code Snippet | Cross-Site Request Forgery (CSRF) |
| LatePoint | Cross-Site Request Forgery (CSRF) |
| LearnPress | Cross-Site Request Forgery (CSRF) |
| MainWP Child Reports | Cross-Site Request Forgery (CSRF) to Options Update (BAC) |
| Misiek Paypal | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Misiek Photo Album | Album Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
| Misiek Photo Album | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Music Request Manager | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| MyBookTable Bookstore | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue | Cross-Site Request Forgery (CSRF) |
| OTA Sync Booking Engine Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Podlove Podcast Publisher | Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE) |
| Review Ratings | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Reviews Feed | Cross-Site Request Forgery (CSRF) |
| Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Simple Headline Rotator | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Simple Local Avatars | Cross-Site Request Forgery (CSRF) |
| Snapshot Backup | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Special Feed Items | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| SpeedyCache | Cross-Site Request Forgery (CSRF) |
| Stripe Payments For WooCommerce by Checkout | Cross-Site Request Forgery (CSRF) |
| Superfly Menu | Cross-Site Request Forgery (CSRF) to File Deletion (BAC) |
| Theme My Login | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
| Tourfic | Cross-Site Request Forgery (CSRF) in Multiple Functions |
| TrueBooker | Settings Update (BAC) via Cross-Site Request Forgery (CSRF) |
| Tutor LMS | Cross-Site Request Forgery (CSRF) |
| Vikinghammer Tweet | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Visual Sound (old) | Settings Update (BAC) via Cross-Site Request Forgery (CSRF) |
| WebinarPress | Cross-Site Request Forgery (CSRF) |
| WooCommerce Customers Manager | Multiple Cross-Site Request Forgery (CSRF) |
| WordPress File Upload | Cross-Site Request Forgery (CSRF) |
| WP Armour Extended | Cross-Site Request Forgery (CSRF) |
| WP Data Access | Cross-Site Request Forgery (CSRF) |
| WP eMember | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| WP eStore | Settings Reset via Cross-Site Request Forgery (CSRF) |
| WP MultiTasking | Multiple Cross-Site Request Forgery (CSRF) |
| WP User Manager | Cross-Site Request Forgery (CSRF) |
| WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
| WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 607 |
How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of a premium cup of coffee per week, for your first managed service.
Start simply by contacting us with your selections:
We care about the protection of your personal data. Update, subscribe or unsubscribe anytime. Read our Privacy Policy.